When setting up the Azure and/or Google apps, do I need all the scopes outlined in your documentation.
Microsoft Oauth - Azure: Requires all the scopes outlined for the authentication process. When authenticating users to Nylas, you are able to limit the scopes that are being accessed via Nylas.
The exception is if using Microsoft Graph scopes which is limited to calendar read/write only.
Google Oauth - GCP: Limit the scopes required to those used by your application. This will make the security review much easier.